{ "$defs": { "Confidentiality": { "description": "Cross-cutting confidentiality classification used across privacy,\nsecurity, knowledge, IR pillars. Default rendering rule: `corpospec-report`\nexcludes `Restricted | BoardOnly | InvestorOnly` records from public output\nunless an explicit audience parameter overrides. See BDR 0076 §1.", "oneOf": [ { "const": "public", "description": "Safe to publish anywhere.", "type": "string" }, { "const": "customer", "description": "Visible to customers under standard ToS.", "type": "string" }, { "const": "internal", "description": "Employees and contractors only.", "type": "string" }, { "const": "restricted", "description": "Need-to-know subset of internal.", "type": "string" }, { "const": "board_only", "description": "Board members and direct staff.", "type": "string" }, { "const": "investor_only", "description": "Existing investors + prospective with NDA.", "type": "string" } ] }, "GdprRole": { "description": "Role under GDPR.", "oneOf": [ { "enum": [ "controller", "joint_controller", "processor", "sub_processor" ], "type": "string" }, { "const": "third_party_recipient", "description": "Independent third-party data recipient.", "type": "string" } ] }, "IsoCountry": { "description": "ISO 3166-1 alpha-2 country code.", "pattern": "^[A-Z]{2}$", "type": "string" }, "IsoDate": { "description": "ISO 8601 date (YYYY-MM-DD).", "format": "date", "type": "string" }, "LawfulBasis": { "description": "Lawful basis under Art. 6(1).", "oneOf": [ { "const": "consent", "description": "Art. 6(1)(a) — consent.", "type": "string" }, { "const": "contract", "description": "Art. 6(1)(b) — contract.", "type": "string" }, { "const": "legal_obligation", "description": "Art. 6(1)(c) — legal obligation.", "type": "string" }, { "const": "vital_interests", "description": "Art. 6(1)(d) — vital interests.", "type": "string" }, { "const": "public_task", "description": "Art. 6(1)(e) — public task.", "type": "string" }, { "const": "legitimate_interests", "description": "Art. 6(1)(f) — legitimate interests (LIA required).", "type": "string" } ] }, "PathRef": { "description": "Path-based cross-reference relative to .corpospec/ root.\nPattern: `^[a-z0-9_-]+(/[a-z0-9_.-]+)+$`", "pattern": "^[a-z0-9_-]+(/[a-z0-9_.-]+)+$", "type": "string" }, "Recipient": { "description": "Recipient (internal or third-party).", "properties": { "dpa_ref": { "anyOf": [ { "$ref": "#/$defs/PathRef" }, { "type": "null" } ], "description": "PathRef into the DPA (Art. 28 data-processing agreement)." }, "jurisdiction": { "$ref": "#/$defs/IsoCountry" }, "name": { "type": "string" }, "role": { "$ref": "#/$defs/GdprRole" }, "transfer_mechanism": { "anyOf": [ { "$ref": "#/$defs/TransferMechanism" }, { "type": "null" } ], "description": "Transfer mechanism if third-country." } }, "required": [ "name", "role", "jurisdiction" ], "type": "object" }, "SecurityMeasure": { "description": "Security measure (Art. 32) reference.", "properties": { "control_ref": { "anyOf": [ { "$ref": "#/$defs/PathRef" }, { "type": "null" } ], "description": "PathRef to the control / policy / runbook." }, "measure": { "description": "e.g. \"AES-256 at rest\", \"TLS 1.3 in transit\", \"RBAC\", \"MFA\",\n\"audit logging\", \"incident response\".", "type": "string" } }, "required": [ "measure" ], "type": "object" }, "SpecialCategoryBasis": { "description": "Special-category basis under Art. 9(2).", "oneOf": [ { "const": "explicit_consent", "description": "Art. 9(2)(a) — explicit consent.", "type": "string" }, { "const": "employment_social", "description": "Art. 9(2)(b) — employment, social security, social protection.", "type": "string" }, { "const": "vital_interests", "description": "Art. 9(2)(c) — vital interests where data subject incapable of\nconsent.", "type": "string" }, { "const": "non_profit", "description": "Art. 9(2)(d) — legitimate activities of a not-for-profit body.", "type": "string" }, { "const": "data_made_public", "description": "Art. 9(2)(e) — data made public by the data subject.", "type": "string" }, { "const": "legal_claims", "description": "Art. 9(2)(f) — legal claims / court proceedings.", "type": "string" }, { "const": "substantial_public_interest", "description": "Art. 9(2)(g) — substantial public interest.", "type": "string" }, { "const": "health_occupational", "description": "Art. 9(2)(h) — preventive / occupational medicine.", "type": "string" }, { "const": "public_health", "description": "Art. 9(2)(i) — public health.", "type": "string" }, { "const": "research_archiving", "description": "Art. 9(2)(j) — archiving / scientific / historical research.", "type": "string" }, { "const": "not_applicable", "description": "Not applicable — no special-category processing.", "type": "string" } ] }, "TransferMechanism": { "description": "International-transfer instrument (Art. 44–49).", "oneOf": [ { "const": "adequacy", "description": "Art. 45 adequacy decision.", "type": "string" }, { "const": "scc", "description": "Art. 46(2)(c) Standard Contractual Clauses (EU Commission).", "type": "string" }, { "const": "bcr", "description": "Art. 46(2)(b) Binding Corporate Rules.", "type": "string" }, { "const": "code_of_conduct", "description": "Art. 46(2)(a) approved code of conduct.", "type": "string" }, { "const": "certification", "description": "Art. 46(2)(e) approved certification mechanism.", "type": "string" }, { "const": "derogation", "description": "Art. 49 derogation (consent, contract, public interest, etc.).", "type": "string" }, { "const": "dp_framework", "description": "EU/US Data Privacy Framework (Adequacy ruling 2023).", "type": "string" }, { "const": "none_applicable", "description": "No third-country transfer.", "type": "string" } ] } }, "$id": "https://corpospec.com/schemas/v0.16.0/gdpr-processing-record.schema.json", "$schema": "https://json-schema.org/draft/2020-12/schema", "additionalProperties": false, "description": "One record of processing activity.", "properties": { "activity_name": { "description": "Activity short name (e.g. \"Payroll processing\").", "type": "string" }, "confidentiality": { "$ref": "#/$defs/Confidentiality" }, "created_at": { "$ref": "#/$defs/IsoDate" }, "data_categories": { "description": "Categories of personal data (e.g. [\"identity\", \"financial\",\n\"health\"]).", "items": { "type": "string" }, "type": "array" }, "data_subject_categories": { "description": "Categories of data subjects (e.g. [\"employees\", \"candidates\",\n\"customers\"]).", "items": { "type": "string" }, "type": "array" }, "dpia_ref": { "anyOf": [ { "$ref": "#/$defs/PathRef" }, { "type": "null" } ], "description": "PathRef into the DPIA if Art. 35 triggered." }, "dpo_contact": { "anyOf": [ { "$ref": "#/$defs/PathRef" }, { "type": "null" } ], "description": "PathRef into the controller's DPO contact." }, "entity": { "$ref": "#/$defs/PathRef" }, "eu_representative": { "anyOf": [ { "$ref": "#/$defs/PathRef" }, { "type": "null" } ], "description": "PathRef into the controller's representative (Art. 27) when\noutside EU." }, "id": { "$ref": "#/$defs/PathRef" }, "last_reviewed": { "$ref": "#/$defs/IsoDate" }, "lawful_basis": { "$ref": "#/$defs/LawfulBasis" }, "next_review_due": { "$ref": "#/$defs/IsoDate" }, "purpose": { "description": "Processing purpose narrative.", "type": "string" }, "recipients": { "description": "Recipients (Art. 30(1)(d)+(e)).", "items": { "$ref": "#/$defs/Recipient" }, "type": "array" }, "retention_policy": { "description": "Retention period narrative (e.g. \"10 years after employment\nends per HGB § 257\").", "type": "string" }, "role": { "$ref": "#/$defs/GdprRole" }, "security_measures": { "description": "Security measures (Art. 30(1)(g) + Art. 32).", "items": { "$ref": "#/$defs/SecurityMeasure" }, "type": "array" }, "special_category_basis": { "$ref": "#/$defs/SpecialCategoryBasis", "description": "Special-category basis if Art. 9 data is processed." } }, "required": [ "id", "entity", "role", "activity_name", "purpose", "lawful_basis", "special_category_basis", "data_subject_categories", "data_categories", "recipients", "retention_policy", "security_measures", "created_at", "last_reviewed", "next_review_due", "confidentiality" ], "title": "GdprProcessingRecord", "type": "object", "x-corpospec-pillar": "privacy" }